[Owasp-leaders] Measuring Intent and Funding Things

Jim Manico jim.manico at owasp.org
Tue Mar 25 12:53:31 UTC 2014


 From Kickstarters Terms of Use page....  it looks like staff should set 
up the account under an OWASP account and then add you to the project.


        I'm launching a project with a group of people or a company. Who
        should complete the identity verification process?
        <https://www.kickstarter.com/help/faq/creator+questions#faq_62986>

Regardless of whether the project creator is one person or an entire 
company, the identity verification process has to be completed by a 
single person. If you are running your project as a legal entity, such 
as a registered company or organization, a person associated with this 
entity who meets oureligibility requirements 
<https://www.kickstarter.com/help/faq/creator+questions#faq_41823>must 
verify their identity as the entity's representative.


On 3/25/14, 6:16 PM, Yvan Boily wrote:
> Hi Tobias, all,
>
> This is one of the reasons I felt the need to be clear!  I haven't run 
> a campaign under any tools under than Kickstarter, and they don't have 
> any capabilities around multi-user accounts.  I could not surrender 
> the credentials for my Kickstarter account as they are associated with 
> another non-profit that I work with, but I will check their ToS about 
> having multiple accounts.  I will also check the capabilities of other 
> platforms as Kickstarter can be quite restrictive about what they 
> support in terms of fundraising projects.  I would prefer the 
> fundraiser/funds to be sent to an OWASP account for tax liability reasons.
>
> I think the best approach would be to have a call to discuss the 
> details that are blockers.  If you would like to participate in this 
> discussion please add your name here - 
> http://doodle.com/5pvna9khph5vvns4 (and send me your email address or 
> a message that you want to participate so I can send you the meeting link)
>
> Cheers,
> Yvan
>
>
>
>
> On Mon, Mar 24, 2014 at 11:05 PM, Tobias <tobias.gondrom at owasp.org 
> <mailto:tobias.gondrom at owasp.org>> wrote:
>
>     Hi all,
>
>     I agree with Jim, in that this is a good idea.
>
>     To some degree it is operational, so I would suggest that you just
>     talk directly with Sarah and maybe our new community manager to
>     make this happen (feel free to cc Jim and myself or the board-list).
>     For long term stability and consistent accounting of our funds,
>     the account should be managed by our ops team. Maybe you can help
>     them how to set up the account.
>
>     Cheers, Tobias
>
>
>
>     On 25/03/14 14:29, Jim Manico wrote:
>>     Yvan,
>>
>>     Of course please use our brand guidelines
>>     https://www.owasp.org/index.php/Marketing/Resources#tab=BRAND_GUIDELINES
>>     and kick start this funding idea. Raising funds for our non
>>     profit foundation is something we need to support and encourage.
>>     When you set up a kickstarter or similar campaign, can you give
>>     the credentials to Sarah Baso and/or work with her to ensure the
>>     funds to directly to the foundation?
>>
>>     I might be smacked a bit for jumping the gun here, but that is
>>     ok. It's my duty as a board member to support raising funds for
>>     the foundation, so please charge ahead and I'll take
>>     responsibility for any flack for moving fast on this.
>>
>>     Aloha,
>>     Jim
>>
>>
>>
>>     On 3/25/14, 10:49 AM, Yvan Boily wrote:
>>>     To be clear, the reason I keep asking permission instead of just
>>>     moving forward is for one reason -
>>>
>>>     Running a kickstarter for the OWASP community (or anyone else
>>>     who participates) means collecting funds.  I am happy to provide
>>>     a complete accounting of the funds collected, and donate any
>>>     extra funds collected to OWASP, but I want this activity blessed
>>>     by the OWASP Board or whoever the right folks involved are
>>>     before proceeding.
>>>
>>>     Cheers,
>>>     Yvan
>>>
>>>     ps - irrational exuberance is the reason I do community stuff...
>>>     a career in infosec has made me somewhat cynical, doing awesome
>>>     community stuff ameliorates that ;)
>>>
>>>
>>>     On Mon, Mar 24, 2014 at 10:12 PM, Jim Manico
>>>     <jim.manico at owasp.org <mailto:jim.manico at owasp.org>> wrote:
>>>
>>>         Yvan,
>>>
>>>         For certain you are way too excited to get a copy. Greenspan
>>>         talked about this as a form of "irrational exuberance".  ;)
>>>
>>>         By the same token, I think a crowdfunding campaign is a
>>>         fantastic idea. I say go for it. This might be a great way
>>>         to fund future endeavors. If you need any help reviewing the
>>>         campaign copy before you go live, just give me a shout.
>>>
>>>         Awesome + Aloha,
>>>         Jim
>>>
>>>
>>>
>>>>         I requested some a copy of the Cornucopia materials from
>>>>         blackfoot.
>>>>
>>>>         I am happy to coordinate a print run of the cards, but in
>>>>         order to dramatically simplify things I would prefer to run
>>>>         an crowdfunding campaign to get a pile of them mass
>>>>         produced.  Basically the goal would be to get an estimate
>>>>         on the production run, coordinate with (Sam|Kate|Colin|?!?)
>>>>         to get some nice OWASP branded packaging (I haven't seen
>>>>         the controversial (?) packaging mentioned in other threads).
>>>>
>>>>         If there is media (videos of folks playing, copy about the
>>>>         game, etc) that would also be helpful.  The great thing
>>>>         about running something like this through kickstarter is
>>>>         that you can allow people to order them at unit cost, or to
>>>>         pay more to support this or other OWASP projects.
>>>>
>>>>         I also think this is a better way to allow community
>>>>         members (including myself) to vote with their wallets
>>>>         rather than spending sparse project funds to get something
>>>>         produced.  Any objections?  Am I putting the cart before
>>>>         the horse here?  Maybe I am just a little too excited to
>>>>         get a copy?
>>>>
>>>>         :)
>>>>
>>>>
>>>>         On Mon, Mar 24, 2014 at 9:43 PM, Samantha Groves
>>>>         <samantha.groves at owasp.org
>>>>         <mailto:samantha.groves at owasp.org>> wrote:
>>>>
>>>>             Sorry, rules of engagement can be found here:
>>>>             https://www.owasp.org/index.php/Funding
>>>>
>>>>
>>>>             On Mon, Mar 24, 2014 at 9:42 PM, Samantha Groves
>>>>             <samantha.groves at owasp.org
>>>>             <mailto:samantha.groves at owasp.org>> wrote:
>>>>
>>>>                 We have about $18,000 available for project
>>>>                 development:
>>>>                 https://www.owasp.org/index.php/Community_Engagement_-_Payments
>>>>
>>>>
>>>>                 I just need to update this page with what has
>>>>                 already been spent.
>>>>
>>>>                 In regard to ordering the books... what are these
>>>>                 for? I ask because there might be another budget
>>>>                 this expense will come from if they fall under
>>>>                 another category.
>>>>
>>>>
>>>>
>>>>                 On Mon, Mar 24, 2014 at 4:55 PM, Dinis Cruz
>>>>                 <dinis.cruz at owasp.org
>>>>                 <mailto:dinis.cruz at owasp.org>> wrote:
>>>>
>>>>                     Cool how much is it and what are the rules of
>>>>                     engagement?
>>>>
>>>>                     Can I start by ordering 10x copies of OpenSAMM
>>>>                     and 10x copies of latest top 10?
>>>>
>>>>                     On 24 Mar 2014 14:55, "Samantha Groves"
>>>>                     <samantha.groves at owasp.org
>>>>                     <mailto:samantha.groves at owasp.org>> wrote:
>>>>
>>>>                         Just an FYI... There is a project fund
>>>>                         bucket that was given to us this year. It
>>>>                         is not much, but it is a start. The
>>>>                         question now is... What do you want to do
>>>>                         with it?
>>>>
>>>>
>>>>                         On Thu, Mar 20, 2014 at 10:38 AM, Yvan
>>>>                         Boily <yvanboily at gmail.com
>>>>                         <mailto:yvanboily at gmail.com>> wrote:
>>>>
>>>>                             I fully support using chapter funds to
>>>>                             produce materials for OWASP chapters,
>>>>                             chapter leads, and to support projects
>>>>                             and stuff.
>>>>
>>>>                             What I am looking for here is to find a
>>>>                             way to fund the production of OWASP
>>>>                             branded materials for non-OWASP stuff,
>>>>                             for example if I want a case of OWASP
>>>>                             cheat sheets that are professionally
>>>>                             produced so I can have our HR team
>>>>                             include them in the new hire kit for
>>>>                             every new dev my employer hires, OWASP
>>>>                             shouldn't foot the bill for that :)
>>>>                             (something like this -
>>>>                             http://www.amazon.com/Microsoft-Introduction-Reference-Instructions-Shortcuts/dp/1936220156/ref=sr_1_14?ie=UTF8&qid=1395336990&sr=8-14&keywords=cheat+sheet
>>>>                             as opposed to a simple sheet of paper).
>>>>
>>>>                             I guess maybe I am looking for a way to
>>>>                             vote with my wallet for stuff that
>>>>                             might eventually be available as a
>>>>                             general order product (which I suspect
>>>>                             will raise hackles, but hey, if OWASP
>>>>                             doesn't do it, someone else will, and
>>>>                             pocket the money instead of investing
>>>>                             it in community projects).
>>>>
>>>>
>>>>
>>>>                             On Thu, Mar 20, 2014 at 7:07 AM, Dinis
>>>>                             Cruz <dinis.cruz at owasp.org
>>>>                             <mailto:dinis.cruz at owasp.org>> wrote:
>>>>
>>>>                                 I think having those professional
>>>>                                 materials are super important for
>>>>                                 OWASP and I also tend to have the
>>>>                                 OpenSAMM printed book at hand since
>>>>                                 it one of most professional ones we
>>>>                                 have :)
>>>>
>>>>                                 So yes, Yvan you are spot on (from
>>>>                                 my point of view) on your analysis
>>>>                                 and OWASP should be helping to pay
>>>>                                 for those materials (specially
>>>>                                 since they are an investment into
>>>>                                 the OWASP brand, and who knows how
>>>>                                 many new members and conference
>>>>                                 attendees we would get from
>>>>                                 the recipients of those materials)
>>>>
>>>>                                 My view is that we should be using
>>>>                                 some of the OWASP funds (currently
>>>>                                 available) to pay for this type of
>>>>                                 materials (so that our leaders can
>>>>                                 distribute it). I'm still waiting
>>>>                                 for the idea of '*/OWASP Projects
>>>>                                 Funds bucket/*' or '*/OWASP
>>>>                                 Chapters Funds bucket'/* so that us
>>>>                                 (the OWASP leaders) can 'just get
>>>>                                 on with it' and distribute the
>>>>                                 great stuff that is created at OWASP.
>>>>
>>>>                                 Basically Yvan should be able to
>>>>                                 quickly order the materials he
>>>>                                 mentions below (all from a global
>>>>                                 fund that is available to all OWASP
>>>>                                 leaders).
>>>>
>>>>                                 That is what I tried to do with the
>>>>                                 OWASP GSD project
>>>>                                 <https://www.owasp.org/index.php/OWASP_GSD_Project>,and
>>>>                                 as you can see on
>>>>                                 https://www.owasp.org/index.php/OWASP_GSD_Project
>>>>                                 that money has been put to good use
>>>>                                 (Yvan I think there is still some
>>>>                                 in there, so feel free to use it).
>>>>
>>>>                                 BTW.. and if we can't get the
>>>>                                 'OWASP Projects Funds bucket' setup
>>>>                                 in the next months, */what about
>>>>                                 topping up the GSD projects fund?/*
>>>>
>>>>                                 Dinis
>>>>
>>>>
>>>>                                 On 20 March 2014 12:22, Yvan Boily
>>>>                                 <yvanboily at gmail.com
>>>>                                 <mailto:yvanboily at gmail.com>> wrote:
>>>>
>>>>                                     Hi Leaders,
>>>>
>>>>                                     After seeing Jim's post about
>>>>                                     Cornucopia and buying a couple
>>>>                                     of copies of the nicely
>>>>                                     produced OpenSAMM documents at
>>>>                                     AppSecEU last year, I was about
>>>>                                     to post a response, but I
>>>>                                     realized that I had a bigger
>>>>                                     question.
>>>>
>>>>                                     For BSidesVancouver this year
>>>>                                     we used crowd-funding and I
>>>>                                     learned that it is a powerful
>>>>                                     way for the community involved
>>>>                                     with that to signal intent
>>>>                                     about priorities when
>>>>                                     organizing the event.  It
>>>>                                     worked out really well, and
>>>>                                     allowed us to keep our event
>>>>                                     100% free for those who
>>>>                                     couldn't or chose not to pay to
>>>>                                     attend.  Since it was super
>>>>                                     successful, I pretty much drank
>>>>                                     the crowd funding kool-aid.
>>>>                                     Later this year some gaming (as
>>>>                                     in playing dungeons and dragons
>>>>                                     every sunday night) folks and I
>>>>                                     will be running a separate
>>>>                                     kickstarter to collect funds to
>>>>                                     print something that we have
>>>>                                     been working on as a hobby; we
>>>>                                     have had a number of people say
>>>>                                     they would buy a copy, but
>>>>                                     using crowdfunding will allow
>>>>                                     us to figure out how much to
>>>>                                     spend on printing stuff and
>>>>                                     potentially allow us to get a
>>>>                                     higher volume printed so we can
>>>>                                     reduce the unit cost.
>>>>
>>>>                                     In addition to this, I have
>>>>                                     pitched using crowd-funding to
>>>>                                     fund the development of high
>>>>                                     quality training materials to
>>>>                                     at least one other OWASP leader.
>>>>
>>>>                                     Has anyone else in the OWASP
>>>>                                     community investigated using
>>>>                                     crowd-funding via Indie Go-Go,
>>>>                                     Kickstarter, or others to
>>>>                                     measure intent and make
>>>>                                     physical copies of things
>>>>                                     available?
>>>>
>>>>                                     The reason I ask is:
>>>>
>>>>                                     * I would like a professionally
>>>>                                     manufactured version of
>>>>                                     Cornucopia (I am talking print
>>>>                                     quality, not anything else). 
>>>>                                     This is expensive. Also, I want
>>>>                                     about 12 copies, not 1.
>>>>
>>>>                                     * I love the quality of the
>>>>                                     OpenSAMM guide; I literally
>>>>                                     carry it around with me when I
>>>>                                     am attending security meetups
>>>>                                     and cons where I might talk
>>>>                                     about OWASP because it's
>>>>                                     production values are simply
>>>>                                     superb.
>>>>
>>>>                                     * I really wish I could buy (by
>>>>                                     the case) professional quality
>>>>                                     printouts of the OWASP cheat
>>>>                                     sheets to give devs in my
>>>>                                     community, and at work.
>>>>
>>>>                                     These things are expensive to
>>>>                                     produce (both the cost of
>>>>                                     manufacturing, and the cost of
>>>>                                     producing good quality print
>>>>                                     materials).
>>>>
>>>>                                     Is this something that people
>>>>                                     are interested in looking at
>>>>                                     it?  Is it a viable option? 
>>>>                                     Are people going to freak
>>>>                                     out[1] for my suggesting it?
>>>>
>>>>                                     Cheers,
>>>>                                     Yvan
>>>>
>>>>
>>>>
>>>>
>>>>                                     [1] omg drama talking about
>>>>                                     crowdfunding in some other
>>>>                                     communities I am involved with
>>>>                                     (gaming, local activism, etc)
>>>>
>>>>                                     _______________________________________________
>>>>                                     OWASP-Leaders mailing list
>>>>                                     OWASP-Leaders at lists.owasp.org
>>>>                                     <mailto:OWASP-Leaders at lists.owasp.org>
>>>>                                     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>>
>>>>
>>>>                             _______________________________________________
>>>>                             OWASP-Leaders mailing list
>>>>                             OWASP-Leaders at lists.owasp.org
>>>>                             <mailto:OWASP-Leaders at lists.owasp.org>
>>>>                             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>>
>>>>
>>>>                         -- 
>>>>
>>>>                         *Samantha Groves, MBA*
>>>>
>>>>                         /OWASP Projects Manager/
>>>>
>>>>                         /
>>>>                         /
>>>>
>>>>                         The OWASP Foundation
>>>>
>>>>                         Phoenix, USA
>>>>
>>>>                         Email: samantha.groves at owasp.org
>>>>                         <mailto:samantha.groves at owasp.org>
>>>>
>>>>                         Skype: samanthahz
>>>>
>>>>
>>>>                         OWASP Global Projects
>>>>                         <https://www.owasp.org/index.php/Category:OWASP_Project>
>>>>
>>>>                         Book a Meeting with Me <http://goo.gl/mZXdZ>
>>>>
>>>>                         OWASP Contact US Form
>>>>                         <http://owasp4.owasp.org/contactus.html>
>>>>
>>>>                         New Project Application Form
>>>>                         <http://www.tfaforms.com/263506>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>                 -- 
>>>>
>>>>                 *Samantha Groves, MBA*
>>>>
>>>>                 /OWASP Projects Manager/
>>>>
>>>>                 /
>>>>                 /
>>>>
>>>>                 The OWASP Foundation
>>>>
>>>>                 Phoenix, USA
>>>>
>>>>                 Email: samantha.groves at owasp.org
>>>>                 <mailto:samantha.groves at owasp.org>
>>>>
>>>>                 Skype: samanthahz
>>>>
>>>>
>>>>                 OWASP Global Projects
>>>>                 <https://www.owasp.org/index.php/Category:OWASP_Project>
>>>>
>>>>                 Book a Meeting with Me <http://goo.gl/mZXdZ>
>>>>
>>>>                 OWASP Contact US Form
>>>>                 <http://owasp4.owasp.org/contactus.html>
>>>>
>>>>                 New Project Application Form
>>>>                 <http://www.tfaforms.com/263506>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>             -- 
>>>>
>>>>             *Samantha Groves, MBA*
>>>>
>>>>             /OWASP Projects Manager/
>>>>
>>>>             /
>>>>             /
>>>>
>>>>             The OWASP Foundation
>>>>
>>>>             Phoenix, USA
>>>>
>>>>             Email: samantha.groves at owasp.org
>>>>             <mailto:samantha.groves at owasp.org>
>>>>
>>>>             Skype: samanthahz
>>>>
>>>>
>>>>             OWASP Global Projects
>>>>             <https://www.owasp.org/index.php/Category:OWASP_Project>
>>>>
>>>>             Book a Meeting with Me <http://goo.gl/mZXdZ>
>>>>
>>>>             OWASP Contact US Form
>>>>             <http://owasp4.owasp.org/contactus.html>
>>>>
>>>>             New Project Application Form
>>>>             <http://www.tfaforms.com/263506>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>         _______________________________________________
>>>>         OWASP-Leaders mailing list
>>>>         OWASP-Leaders at lists.owasp.org  <mailto:OWASP-Leaders at lists.owasp.org>
>>>>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>>
>>
>>     _______________________________________________
>>     OWASP-Leaders mailing list
>>     OWASP-Leaders at lists.owasp.org  <mailto:OWASP-Leaders at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140325/5181371f/attachment-0001.html>


More information about the OWASP-Leaders mailing list